Open Source Security Software - Page 3

Security Software

View 5916 business solutions
Security Clear Filters
  • Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
    Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

    General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

    Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
    Try Free
  • Train ML Models With SQL You Already Know Icon
    Train ML Models With SQL You Already Know

    BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

    Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
    Try Free
  • 1

    htmLawed

    PHP code to purify & filter HTML

    The htmLawed PHP script makes HTML more secure and standards- & policy-compliant. The customizable HTML filter/purifier can balance tags, ensure proper nestings, neutralize XSS, restrict HTML, beautify code like Tidy, implement anti-spam measures, etc.
    Leader badge
    Downloads: 1,652 This Week
    Last Update:
    See Project
  • 2
    mkcert

    mkcert

    Zero-config tool to make locally trusted development certificates

    mkcert is a simple tool for making locally-trusted development certificates. It requires no configuration. Using certificates from real certificate authorities (CAs) for development can be dangerous or impossible (for hosts like example.test, localhost or 127.0.0.1), but self-signed certificates cause trust errors. Managing your own CA is the best solution, but usually involves arcane commands, specialized knowledge and manual steps. mkcert automatically creates and installs a local CA in the system root store, and generates locally-trusted certificates. mkcert does not automatically configure servers to use the certificates, though, that's up to you. The CA certificate and its key are stored in an application data folder in the user's home. You usually don't have to worry about it, as the installation is automated, but the location is printed by mkcert -CAROOT.
    Downloads: 110 This Week
    Last Update:
    See Project
  • 3
    Toutatis

    Toutatis

    Extract public Instagram account information from usernames

    Toutatis is an open source command-line tool designed to extract publicly available information from Instagram accounts. It helps users gather various data points from a target profile by querying Instagram using a username or account ID. The tool can retrieve details such as profile metadata, follower counts, biography information, and other publicly accessible account attributes. In addition to basic profile data, Toutatis can also reveal contact details that may be publicly exposed, including email addresses and phone numbers associated with the account. The utility is implemented in Python and runs through a simple command-line interface, making it easy to integrate into OSINT workflows and automation scripts. Toutatis is commonly used in open source intelligence investigations, research tasks, and security analysis that involve collecting publicly available social media data.
    Downloads: 109 This Week
    Last Update:
    See Project
  • 4
    JXplorer - A Java Ldap Browser

    JXplorer - A Java Ldap Browser

    Mature LDAP, LDIF and DSML client with i18n support.

    A java LDAP client with LDIF support, security (inc SSL, SASL & GSSAPI), translated into many languages (inc. Chinese), online help, user forms and many other features. The commercial version is available at https://jxworkbench.com for $9.95. It extends JXplorer to include: - custom LDAP reporting - to pdf, word etc. - Find and Replace with regexp and attribute substitution - A secure password vault to store directory connections - etc. Support for JXplorer and JXWorkbench is available at http://jxplorer.org. Commercial support available from sales@jxworkbench.com
    Leader badge
    Downloads: 509 This Week
    Last Update:
    See Project
  • Build Agents and Models on One Platform Icon
    Build Agents and Models on One Platform

    Everything you need to build production-ready agents and models. Access 200+ Google and third-party AI models and tools.

    Gemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
    Try It Free
  • 5
    mimikatz

    mimikatz

    A little tool to play with Windows security

    mimikatz is a tool that makes some "experiments" with Windows security. It's well-known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. It can also perform pass-the-hash, pass-the-ticket or build Golden tickets; play with certificates or private keys, vault and more.
    Downloads: 100 This Week
    Last Update:
    See Project
  • 6
    Securepoint SSL VPN Client

    Securepoint SSL VPN Client

    SSL VPN Client for Windows (OpenVPN).

    SSL VPN Client for Windows (OpenVPN).
    Leader badge
    Downloads: 667 This Week
    Last Update:
    See Project
  • 7
    Syncthing

    Syncthing

    Open Source Continuous File Synchronization

    Syncthing is an open source continuous file synchronization program, which essentially works by synchronizing files between two or more computers in real time. Syncthing is designed to first and foremost keep users’ data safe and protected against data loss and against attackers who would unlawfully try and access this data. It doesn’t store data anywhere else except on your computers and uses encryption to secure all your data. It is very easy to use, cross-platform and automatic. As such, it is very user-friendly and ideal for all users looking for a secure and easy-to-use file synchronization solution. Syncthing supports file versioning, relaying, ignoring files and many more. Different configurations offer different options to suit users’ specific requirements.
    Downloads: 97 This Week
    Last Update:
    See Project
  • 8
    Poptop is an open source implementation of a PPTP server. Running under x86 or embedded Motorola ColdFire architectures Poptop provides full interoperability with the Microsoft PPTP VPN client.
    Leader badge
    Downloads: 732 This Week
    Last Update:
    See Project
  • 9
    FLARE VM

    FLARE VM

    A collection of software installations scripts for Windows systems

    FLARE VM is a security-focused Windows workstation distribution designed for malware analysis, reverse engineering, penetration testing, and threat hunting. It bundles a curated set of tools—disassemblers, debuggers, decompilers, virtualization, forensics utilities, packet capture tools, exploit frameworks, and hex editors—preconfigured to work together. The environment configures paths, dependencies, environment variables, and common tool integrations so analysts can focus on tasks rather than setup. Updates and modular installation let users include only the tools that match their workflow, keeping the VM lean and current. Because security toolchains often clash (DLL versions, signing, privileges), FLARE VM’s packaging handles compatibility issues ahead of time. For investigations involving malware unpacking, sandboxing, static analysis, or code reversing on Windows, the platform dramatically accelerates readiness and consistency across analysts.
    Downloads: 96 This Week
    Last Update:
    See Project
  • AI-powered service management for IT and enterprise teams Icon
    AI-powered service management for IT and enterprise teams

    Enterprise-grade ITSM, for every business

    Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
    Try it Free
  • 10
    Nikto

    Nikto

    Web server vulnerability scanner for security assessments

    Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows.
    Downloads: 93 This Week
    Last Update:
    See Project
  • 11
    winPenPack

    winPenPack

    The portable software collection

    winPenPack is a project that aims at collecting the most frequently used and most popular open source applications made portable, so that they can be executed without installation from any USB Flash Drive or Hard Disk. The winPenPack suites offer a wide range of portable applications like office tools, internet tools, multimedia tools, development tools, security applications and other frequently used utilities. Everything you need, completely free, open source and portable!
    Leader badge
    Downloads: 418 This Week
    Last Update:
    See Project
  • 12
    Service Bus Explorer

    Service Bus Explorer

    Connect to a Service Bus namespace and administer messaging entities

    The Service Bus Explorer allows users to connect to a Service Bus namespace and administer messaging entities in an easy manner. The tool provides advanced features like import/export functionality or the ability to test topics, queues, subscriptions, relay services, notification hubs, and events hubs. Microsoft Azure Service Bus is a reliable information delivery service. The purpose of this service is to make communication easier. When two or more parties want to exchange information, they need a communication facilitator. Service Bus is a brokered, or third-party communication mechanism. This is similar to postal service in the physical world. Postal services make it very easy to send different kinds of letters and packages with a variety of delivery guarantees, anywhere in the world. The Service Bus Explorer 2.1.0 can be used with the Service Bus for Windows Server 1.1. The Service Bus Explorer 2.1.0 uses a version of the Microsoft.ServiceBus.dll client library.
    Downloads: 90 This Week
    Last Update:
    See Project
  • 13
    Maigret

    Maigret

    Collect a dossier on a person by username from thousands of sites

    Maigret is an open-source OSINT tool designed to collect a dossier on a person by username from thousands of sites. It automates the process of checking for a user's presence across various platforms, aiding in digital investigations.​
    Downloads: 89 This Week
    Last Update:
    See Project
  • 14
    Alertmanager

    Alertmanager

    Prometheus Alertmanager

    The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts. Precompiled binaries for released versions are available in the download section on prometheus.io. Using the latest production release binary is the recommended way of installing Alertmanager. The current Alertmanager API is version 2. This API is fully generated via the OpenAPI project and Go Swagger with the exception of the HTTP handlers themselves. A HTML rendered version can be accessed and clients can be easily generated via any OpenAPI generator for all major languages.
    Downloads: 88 This Week
    Last Update:
    See Project
  • 15
    fsociety

    fsociety

    Modular CLI framework for managing penetration testing tools

    fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses on simplifying penetration testing workflows by integrating multiple external security utilities into a single command line environment. Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. Its modular architecture organizes tools into categories such as information gathering, networking, web application security, and password testing. This structure allows users to quickly navigate through different security tasks while maintaining a consistent interface. fsociety can automatically clone and manage required tools, reducing the manual effort typically needed to set up a penetration testing toolkit. fsociety is distributed as a Python package.
    Downloads: 88 This Week
    Last Update:
    See Project
  • 16
    syft

    syft

    CLI tool and library for generating a Software Bill of Materials

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification. Works seamlessly with Grype (a fast, modern vulnerability scanner). Able to create signed SBOM attestations using the in-toto specification. Convert between SBOM formats, such as CycloneDX, SPDX, and Syft's own format.
    Downloads: 88 This Week
    Last Update:
    See Project
  • 17
    pdfcrack is a command line, password recovery tool for PDF-files.
    Leader badge
    Downloads: 438 This Week
    Last Update:
    See Project
  • 18
    kcp Kubernetes

    kcp Kubernetes

    Kubernetes-like control planes for form-factors

    kcp can be a building block for SaaS service providers who need a massively multi-tenant platform to offer services to a large number of fully isolated tenants using Kubernetes-native APIs. The goal is to be useful to cloud providers as well as enterprise IT departments offering APIs within their company. kcp takes full advantage of Kubernetes API conventions, the glue that binds the cloud-native technology ecosystem together and imbues Kubernetes popular end-user experience, but kcp has unbound it from Kubernetes workload orchestration and clusters. kcp implements fully-isolated workspaces, each acting as its own Kubernetes-like cluster, with its own URL, its own set of APIs (e.g. different CRDs), its own RBAC, but as cheap and quick as a namespace.
    Downloads: 86 This Week
    Last Update:
    See Project
  • 19
    hydra

    hydra

    Cloud native, security-first, API security for your infrastructure

    Secure access to your applications and APIs, and authenticate third party users. Ory / Hydra is Open Source and OpenID Connect Certified® technology that integrates with any login system. Get started in minutes, and provide secure access to your application and API endpoints. Ory / Hydra works with any login system and only a few lines of code are required. Ory / Hydra is written in Go and we provide SDKs for every language. We work with any login system and it is easy to customize the login experience. Our documentation makes integrating Ory / Hydra a snap. The Ory Community stands on the shoulders of individuals, companies, and maintainers. We thank everyone involved, from submitting bug reports and feature requests, to contributing patches, to sponsoring our work.
    Downloads: 83 This Week
    Last Update:
    See Project
  • 20
    Buster

    Buster

    Captcha solver extension for humans

    Save time by asking Buster to solve captchas for you. Buster is a Firefox extension which helps you to solve difficult captchas by completing reCAPTCHA audio challenges using speech recognition. Challenges are solved by clicking on the extension button at the bottom of the reCAPTCHA widget. It is not guaranteed that challenges are always solved, the limitations of the technology need to be considered. The continued development of Buster is made possible thanks to the support of awesome backers. If you'd like to join them, please consider contributing with Patreon, PayPal or Bitcoin. The success rate of the extension can be improved by simulating user interactions with the help of a client app. Follow the instructions from the extension's options to download and install the client app on Windows, Linux and macOS, or get the app from this repository.
    Downloads: 81 This Week
    Last Update:
    See Project
  • 21
    bettercap

    bettercap

    The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks

    bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.
    Downloads: 80 This Week
    Last Update:
    See Project
  • 22
    SimpleX

    SimpleX

    The first messaging platform operating without user identifiers

    Other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc. SimpleX does not, not even random numbers. This radically improves your privacy. The video shows how you connect to your friend via their 1-time QR-code, in person or via a video link. You can also connect by sharing an invitation link. Temporary anonymous pairwise identifiers SimpleX uses temporary anonymous pairwise addresses and credentials for each user contact or group member. It allows to deliver messages without user profile identifiers, providing better meta-data privacy than alternatives. Many communication platforms are vulnerable to MITM attacks by servers or network providers. To prevent it SimpleX apps pass one-time keys out-of-band when you share an address as a link or a QR code. Double-ratchet protocol. OTR messaging with perfect forward secrecy and break-in recovery. NaCL cryptobox in each queue to prevent traffic correlation between message queues if TLS is compromised.
    Downloads: 78 This Week
    Last Update:
    See Project
  • 23
    nuclei

    nuclei

    Fast and customizable vulnerability scanner based on simple YAML

    Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers. Nuclei has built-in support for automatic template download/update as default since version v2.5.2. Nuclei-Templates project provides a community-contributed list of ready-to-use templates that is constantly updated. You may still use the update-templates flag to update the nuclei templates at any time; You can write your own checks for your individual workflow and needs following Nuclei's templating guide.
    Downloads: 74 This Week
    Last Update:
    See Project
  • 24
    Lazesoft Windows Key Finder

    Lazesoft Windows Key Finder

    A free Windows and MS Office product key code finder and retriever.

    Lazesoft Windows Product finder is a free Windows and Microsoft Office product key code finder and retriever. It allows you to recover your CD product key for Windows or Microsoft Office for use when you are reinstalling or repairing your Windows and Microsoft Office setups. With it, you can recover your lost key for Windows 2000, XP, 2003, Vista, 2008, 7, 8, 8.1, 10 and all versions of Microsoft Office. What's new in the Version 1.7: Retrieve Windows 10 product key Retrieve Microsoft Office 2016 key Fixed bugs of decoding Microsoft Office 2013 key Supported Windows Versions: Windows 2000 SP4 Windows XP Windows Vista Windows 7 Windows 8 Windows 8.1 Windows 10 Windows Server 2003 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Supported Microsoft Office Versions: Microsoft Office 2000, 2003, 2007, 2010, 2013, 2016
    Leader badge
    Downloads: 1,162 This Week
    Last Update:
    See Project
  • 25
    Wazuh

    Wazuh

    The Open Source Security Platform

    Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. Centralized architecture enabling scalable deployment and unified management. Easy deployment with rich documentation and community engagement.
    Downloads: 72 This Week
    Last Update:
    See Project